OO-3612: adapt the hash algorithm to SEB 2.2 new way to handle the

trailing / of an URL

src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java

@@ -319,6 +319,15 @@ public class AssessmentModeManagerImpl implements AssessmentModeManager {
 				if(safeExamHash != null && safeExamHash.equals(hash)) {
 					safe = true;
 				}
+
+				if(!safe && url.endsWith("/")) {
+					String strippedUrl = url.substring(0, url.length() - 1);
+					String strippedHash = Encoder.sha256Exam(strippedUrl + safeExamBrowserKey);
+					if(safeExamHash != null && safeExamHash.equals(strippedHash)) {
+						safe = true;
+					}
+				}
+				
 				if(debug) {
 					if(safeExamHash == null) {
 						log.debug("Failed safeexambrowser request hash is null for URL: " + url + " and key: " + safeExamBrowserKey);

src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java

@@ -1036,6 +1036,27 @@ public class AssessmentModeManagerTest extends OlatTestCase {
 		Assert.assertTrue(allowed);
 	}
 	
+	/**
+	 * SEB 2.1 and SEB 2.2 use slightly different URLs to calculate
+	 * the hash. The first use the raw URL, the second remove the
+	 * trailing /.
+	 */
+	@Test
+	public void isSafelyAllowed_seb22() {
+		String safeExamBrowserKey = "a3fa755508fa1ed69de26840012fb397bb0a527b55ca35f299fa89cb4da232c6";
+		String url = "http://kivik.frentix.com";
+		String hash = Encoder.sha256Exam(url + safeExamBrowserKey);
+
+		MockHttpServletRequest request = new MockHttpServletRequest();
+		request.setServerName("kivik.frentix.com");
+		request.setScheme("http");
+		request.addHeader("x-safeexambrowser-requesthash", hash);
+		request.setRequestURI("/");
+		
+		boolean allowed = assessmentModeMgr.isSafelyAllowed(request, safeExamBrowserKey);
+		Assert.assertTrue(allowed);
+	}
+	
 	@Test
 	public void isSafelyAllowed_fail() {
 		String safeExamBrowserKey = "gdfkhjsduzezrutuzsf";